start > Linux > arpwatch

arpwatch

Created by dave. Last edited by dave, 14 years and 163 days ago. Viewed 4,975 times. #3

[diff] [history] [edit] [rdf]

labels

attachments

Problem

I am running arpwatch-2.1a13-10.RHEL4, obtained with CentOS 4.5 (a re-spin of RHEL 4.5).

I am trying to include two additional networks to monitor, in addition to the default local network.

I am invoking arpwatch as so:

arpwatch -i eth0 -u pcap -e my@email.address -s root (Arpwatch) -n a.b.c.d/25 -n e.f.g.h/27

However, arpwatch is still reporting bogons in e.f.g.h/27:

Apr 24 10:46:56 saturn arpwatch: bogon e.f.g.139 0:a0:cc:d3:2f:b2
Apr 24 10:47:48 saturn arpwatch: bogon e.f.g.132 0:f:66:4f:15:25
Apr 24 10:47:52 saturn arpwatch: bogon e.f.g.136 0:4:5a:8a:25:54
Apr 24 10:50:59 saturn arpwatch: bogon e.f.g.136 0:4:5a:8a:25:54

I have tried a couple of alternative invocations, specifically

[…] –n a.b.c.d/25 e.f.g.h/27
[…] –n a.b.c.d/25,e.f.g.h/27

…but arpwatch does not start with the parameters written like this.

The man page is perhaps ambiguous when describing –n: The -n flag specifies additional local networks.

It implies that more than one additional network can be specified but does not elaborate on how this might be accomplished.

no comments | post comment

see also:
Linux	snipsnap-index	arpwatch	Linux
Di...	Net+F...	Using Cobbl...	SIP+Problems
Network Documentation	Change ...	snipsnap-index	dtgreet hack
Crappy+LED+Christmas+L...	CentOS Install P...	Big+Problems,+Small+So...	Netscreen
Loop...	Juniper	Protect+Your+Address+Book	backup and restore

arpwatch

Problem

Virtual Dave Megaplex:

Useful: